CISA, FBI warn of satellite network hacks following Viasat cyberattack
CISA and the FBI issued a joint cybersecurity advisory Thursday evening calling for U.S. and international satellite communication (SATCOM) network providers and customers to stay alert of possible threats and begin implementing a new set of mitigations.
The warning follows the recent investigation by Western intelligence agencies into the February 24 disruption of broadband satellite internet access in Ukraine, as reported by Reuters. The strike on Viasat’s KA-SAT satellite disabled the modems of tens of thousands of European customers — most notably disrupting Ukrainian customers including military and police units — posing a serious threat to the country as it fended off Russian troop advancements. Falling on the same day, the cyberattack and the invasion raised Western suspicion of Russia’s possible involvement in the operation.
The heightened threat of cyber disruptions propelled the warning, advising critical infrastructure operators and other organizations linked to SATCOM to be on alert and take preventative steps.
“Use secure methods for authentication, including multifactor authentication where possible, for all accounts used to access, manage, and/or administer SATCOM networks,” the report tells providers and customers. “Put in place additional monitoring at ingress and egress points to SATCOM equipment to look for anomalous traffic.”
Encouraging strict review of possible vulnerabilities, increased monitoring of suspicious or unauthorized activity on network logs, and strengthening cyber incident response plans, the message stresses that no precautionary measure should be neglected.
“Given the current geopolitical situation, CISA’s Shields Up initiative requests that all organizations significantly lower their threshold for reporting and sharing indications of malicious cyber activity,” the statement continues.